/src/openssl30/ssl/ssl_txt.c

Source
/*
 * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
 * Copyright 2005 Nokia. All rights reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <stdio.h>
#include <openssl/buffer.h>
#include "ssl_local.h"

#ifndef OPENSSL_NO_STDIO
int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *x)
{
    BIO *b;
    int ret;

    if ((b = BIO_new(BIO_s_file())) == NULL) {
        ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB);
        return 0;
    }
    BIO_set_fp(b, fp, BIO_NOCLOSE);
    ret = SSL_SESSION_print(b, x);
    BIO_free(b);
    return ret;
}
#endif

int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
{
    size_t i;
    const char *s;
    int istls13;

    if (x == NULL)
        goto err;
    istls13 = (x->ssl_version == TLS1_3_VERSION);
    if (BIO_puts(bp, "SSL-Session:\n") <= 0)
        goto err;
    s = ssl_protocol_to_string(x->ssl_version);
    if (BIO_printf(bp, "    Protocol  : %s\n", s) <= 0)
        goto err;

    if (x->cipher == NULL) {
        if (((x->cipher_id) & 0xff000000) == 0x02000000) {
            if (BIO_printf(bp, "    Cipher    : %06lX\n",
                    x->cipher_id & 0xffffff)
                <= 0)
                goto err;
        } else {
            if (BIO_printf(bp, "    Cipher    : %04lX\n",
                    x->cipher_id & 0xffff)
                <= 0)
                goto err;
        }
    } else {
        if (BIO_printf(bp, "    Cipher    : %s\n",
                ((x->cipher->name == NULL) ? "unknown"
                                           : x->cipher->name))
            <= 0)
            goto err;
    }
    if (BIO_puts(bp, "    Session-ID: ") <= 0)
        goto err;
    for (i = 0; i < x->session_id_length; i++) {
        if (BIO_printf(bp, "%02X", x->session_id[i]) <= 0)
            goto err;
    }
    if (BIO_puts(bp, "\n    Session-ID-ctx: ") <= 0)
        goto err;
    for (i = 0; i < x->sid_ctx_length; i++) {
        if (BIO_printf(bp, "%02X", x->sid_ctx[i]) <= 0)
            goto err;
    }
    if (istls13) {
        if (BIO_puts(bp, "\n    Resumption PSK: ") <= 0)
            goto err;
    } else if (BIO_puts(bp, "\n    Master-Key: ") <= 0)
        goto err;
    for (i = 0; i < x->master_key_length; i++) {
        if (BIO_printf(bp, "%02X", x->master_key[i]) <= 0)
            goto err;
    }
#ifndef OPENSSL_NO_PSK
    if (BIO_puts(bp, "\n    PSK identity: ") <= 0)
        goto err;
    if (BIO_printf(bp, "%s", x->psk_identity ? x->psk_identity : "None") <= 0)
        goto err;
    if (BIO_puts(bp, "\n    PSK identity hint: ") <= 0)
        goto err;
    if (BIO_printf(bp, "%s", x->psk_identity_hint ? x->psk_identity_hint : "None") <= 0)
        goto err;
#endif
#ifndef OPENSSL_NO_SRP
    if (BIO_puts(bp, "\n    SRP username: ") <= 0)
        goto err;
    if (BIO_printf(bp, "%s", x->srp_username ? x->srp_username : "None") <= 0)
        goto err;
#endif
    if (x->ext.tick_lifetime_hint) {
        if (BIO_printf(bp,
                "\n    TLS session ticket lifetime hint: %ld (seconds)",
                x->ext.tick_lifetime_hint)
            <= 0)
            goto err;
    }
    if (x->ext.tick) {
        if (BIO_puts(bp, "\n    TLS session ticket:\n") <= 0)
            goto err;
        if (BIO_dump_indent(bp, (const char *)x->ext.tick, (int)x->ext.ticklen, 4)
            <= 0)
            goto err;
    }
#ifndef OPENSSL_NO_COMP
    if (x->compress_meth != 0) {
        SSL_COMP *comp = NULL;

        if (!ssl_cipher_get_evp(NULL, x, NULL, NULL, NULL, NULL, &comp, 0))
            goto err;
        if (comp == NULL) {
            if (BIO_printf(bp, "\n    Compression: %d", x->compress_meth) <= 0)
                goto err;
        } else {
            if (BIO_printf(bp, "\n    Compression: %d (%s)", comp->id,
                    comp->name)
                <= 0)
                goto err;
        }
    }
#endif
    if (x->time != 0L) {
        if (BIO_printf(bp, "\n    Start Time: %lld", (long long)x->time) <= 0)
            goto err;
    }
    if (x->timeout != 0L) {
        if (BIO_printf(bp, "\n    Timeout   : %lld (sec)", (long long)x->timeout) <= 0)
            goto err;
    }
    if (BIO_puts(bp, "\n") <= 0)
        goto err;

    if (BIO_puts(bp, "    Verify return code: ") <= 0)
        goto err;
    if (BIO_printf(bp, "%ld (%s)\n", x->verify_result,
            X509_verify_cert_error_string(x->verify_result))
        <= 0)
        goto err;

    if (BIO_printf(bp, "    Extended master secret: %s\n",
            x->flags & SSL_SESS_FLAG_EXTMS ? "yes" : "no")
        <= 0)
        goto err;

    if (istls13) {
        if (BIO_printf(bp, "    Max Early Data: %u\n",
                x->ext.max_early_data)
            <= 0)
            goto err;
    }

    return 1;
err:
    return 0;
}

/*
 * print session id and master key in NSS keylog format (RSA
 * Session-ID:<session id> Master-Key:<master key>)
 */
int SSL_SESSION_print_keylog(BIO *bp, const SSL_SESSION *x)
{
    size_t i;

    if (x == NULL)
        goto err;
    if (x->session_id_length == 0 || x->master_key_length == 0)
        goto err;

    /*
     * the RSA prefix is required by the format's definition although there's
     * nothing RSA-specific in the output, therefore, we don't have to check if
     * the cipher suite is based on RSA
     */
    if (BIO_puts(bp, "RSA ") <= 0)
        goto err;

    if (BIO_puts(bp, "Session-ID:") <= 0)
        goto err;
    for (i = 0; i < x->session_id_length; i++) {
        if (BIO_printf(bp, "%02X", x->session_id[i]) <= 0)
            goto err;
    }
    if (BIO_puts(bp, " Master-Key:") <= 0)
        goto err;
    for (i = 0; i < x->master_key_length; i++) {
        if (BIO_printf(bp, "%02X", x->master_key[i]) <= 0)
            goto err;
    }
    if (BIO_puts(bp, "\n") <= 0)
        goto err;

    return 1;
err:
    return 0;
}

Coverage Report

Created: 2026-02-14 07:20

Line	Count	Source
1		/*
2		* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
3		* Copyright 2005 Nokia. All rights reserved.
4		*
5		* Licensed under the Apache License 2.0 (the "License"). You may not use
6		* this file except in compliance with the License. You can obtain a copy
7		* in the file LICENSE in the source distribution or at
8		* https://www.openssl.org/source/license.html
9		*/
10
11		#include <stdio.h>
12		#include <openssl/buffer.h>
13		#include "ssl_local.h"
14
15		#ifndef OPENSSL_NO_STDIO
16		int SSL_SESSION_print_fp(FILE fp, const SSL_SESSION x)
17	0	{
18	0	BIO *b;
19	0	int ret;
20
21	0	if ((b = BIO_new(BIO_s_file())) == NULL) {
22	0	ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB);
23	0	return 0;
24	0	}
25	0	BIO_set_fp(b, fp, BIO_NOCLOSE);
26	0	ret = SSL_SESSION_print(b, x);
27	0	BIO_free(b);
28	0	return ret;
29	0	}
30		#endif
31
32		int SSL_SESSION_print(BIO bp, const SSL_SESSION x)
33	397	{
34	397	size_t i;
35	397	const char *s;
36	397	int istls13;
37
38	397	if (x == NULL)
39	0	goto err;
40	397	istls13 = (x->ssl_version == TLS1_3_VERSION);
41	397	if (BIO_puts(bp, "SSL-Session:\n") <= 0)
42	0	goto err;
43	397	s = ssl_protocol_to_string(x->ssl_version);
44	397	if (BIO_printf(bp, " Protocol : %s\n", s) <= 0)
45	0	goto err;
46
47	397	if (x->cipher == NULL) {
48	0	if (((x->cipher_id) & 0xff000000) == 0x02000000) {
49	0	if (BIO_printf(bp, " Cipher : %06lX\n",
50	0	x->cipher_id & 0xffffff)
51	0	<= 0)
52	0	goto err;
53	0	} else {
54	0	if (BIO_printf(bp, " Cipher : %04lX\n",
55	0	x->cipher_id & 0xffff)
56	0	<= 0)
57	0	goto err;
58	0	}
59	397	} else {
60	397	if (BIO_printf(bp, " Cipher : %s\n",
61	397	((x->cipher->name == NULL) ? "unknown"
62	397	: x->cipher->name))
63	397	<= 0)
64	0	goto err;
65	397	}
66	397	if (BIO_puts(bp, " Session-ID: ") <= 0)
67	0	goto err;
68	806	for (i = 0; i < x->session_id_length; i++) {
69	409	if (BIO_printf(bp, "%02X", x->session_id[i]) <= 0)
70	0	goto err;
71	409	}
72	397	if (BIO_puts(bp, "\n Session-ID-ctx: ") <= 0)
73	0	goto err;
74	496	for (i = 0; i < x->sid_ctx_length; i++) {
75	99	if (BIO_printf(bp, "%02X", x->sid_ctx[i]) <= 0)
76	0	goto err;
77	99	}
78	397	if (istls13) {
79	3	if (BIO_puts(bp, "\n Resumption PSK: ") <= 0)
80	0	goto err;
81	394	} else if (BIO_puts(bp, "\n Master-Key: ") <= 0)
82	0	goto err;
83	2.60k	for (i = 0; i < x->master_key_length; i++) {
84	2.20k	if (BIO_printf(bp, "%02X", x->master_key[i]) <= 0)
85	0	goto err;
86	2.20k	}
87	397	#ifndef OPENSSL_NO_PSK
88	397	if (BIO_puts(bp, "\n PSK identity: ") <= 0)
89	0	goto err;
90	397	if (BIO_printf(bp, "%s", x->psk_identity ? x->psk_identity : "None") <= 0)
91	1	goto err;
92	396	if (BIO_puts(bp, "\n PSK identity hint: ") <= 0)
93	0	goto err;
94	396	if (BIO_printf(bp, "%s", x->psk_identity_hint ? x->psk_identity_hint : "None") <= 0)
95	1	goto err;
96	395	#endif
97	395	#ifndef OPENSSL_NO_SRP
98	395	if (BIO_puts(bp, "\n SRP username: ") <= 0)
99	0	goto err;
100	395	if (BIO_printf(bp, "%s", x->srp_username ? x->srp_username : "None") <= 0)
101	1	goto err;
102	394	#endif
103	394	if (x->ext.tick_lifetime_hint) {
104	120	if (BIO_printf(bp,
105	120	"\n TLS session ticket lifetime hint: %ld (seconds)",
106	120	x->ext.tick_lifetime_hint)
107	120	<= 0)
108	0	goto err;
109	120	}
110	394	if (x->ext.tick) {
111	2	if (BIO_puts(bp, "\n TLS session ticket:\n") <= 0)
112	0	goto err;
113	2	if (BIO_dump_indent(bp, (const char *)x->ext.tick, (int)x->ext.ticklen, 4)
114	2	<= 0)
115	1	goto err;
116	2	}
117	393	#ifndef OPENSSL_NO_COMP
118	393	if (x->compress_meth != 0) {
119	1	SSL_COMP *comp = NULL;
120
121	1	if (!ssl_cipher_get_evp(NULL, x, NULL, NULL, NULL, NULL, &comp, 0))
122	0	goto err;
123	1	if (comp == NULL) {
124	1	if (BIO_printf(bp, "\n Compression: %d", x->compress_meth) <= 0)
125	0	goto err;
126	1	} else {
127	0	if (BIO_printf(bp, "\n Compression: %d (%s)", comp->id,
128	0	comp->name)
129	0	<= 0)
130	0	goto err;
131	0	}
132	1	}
133	393	#endif
134	393	if (x->time != 0L) {
135	393	if (BIO_printf(bp, "\n Start Time: %lld", (long long)x->time) <= 0)
136	0	goto err;
137	393	}
138	393	if (x->timeout != 0L) {
139	393	if (BIO_printf(bp, "\n Timeout : %lld (sec)", (long long)x->timeout) <= 0)
140	0	goto err;
141	393	}
142	393	if (BIO_puts(bp, "\n") <= 0)
143	0	goto err;
144
145	393	if (BIO_puts(bp, " Verify return code: ") <= 0)
146	0	goto err;
147	393	if (BIO_printf(bp, "%ld (%s)\n", x->verify_result,
148	393	X509_verify_cert_error_string(x->verify_result))
149	393	<= 0)
150	0	goto err;
151
152	393	if (BIO_printf(bp, " Extended master secret: %s\n",
153	393	x->flags & SSL_SESS_FLAG_EXTMS ? "yes" : "no")
154	393	<= 0)
155	0	goto err;
156
157	393	if (istls13) {
158	3	if (BIO_printf(bp, " Max Early Data: %u\n",
159	3	x->ext.max_early_data)
160	3	<= 0)
161	0	goto err;
162	3	}
163
164	393	return 1;
165	4	err:
166	4	return 0;
167	393	}
168
169		/*
170		* print session id and master key in NSS keylog format (RSA
171		* Session-ID:<session id> Master-Key:<master key>)
172		*/
173		int SSL_SESSION_print_keylog(BIO bp, const SSL_SESSION x)
174	0	{
175	0	size_t i;
176
177	0	if (x == NULL)
178	0	goto err;
179	0	if (x->session_id_length == 0 \|\| x->master_key_length == 0)
180	0	goto err;
181
182		/*
183		* the RSA prefix is required by the format's definition although there's
184		* nothing RSA-specific in the output, therefore, we don't have to check if
185		* the cipher suite is based on RSA
186		*/
187	0	if (BIO_puts(bp, "RSA ") <= 0)
188	0	goto err;
189
190	0	if (BIO_puts(bp, "Session-ID:") <= 0)
191	0	goto err;
192	0	for (i = 0; i < x->session_id_length; i++) {
193	0	if (BIO_printf(bp, "%02X", x->session_id[i]) <= 0)
194	0	goto err;
195	0	}
196	0	if (BIO_puts(bp, " Master-Key:") <= 0)
197	0	goto err;
198	0	for (i = 0; i < x->master_key_length; i++) {
199	0	if (BIO_printf(bp, "%02X", x->master_key[i]) <= 0)
200	0	goto err;
201	0	}
202	0	if (BIO_puts(bp, "\n") <= 0)
203	0	goto err;
204
205	0	return 1;
206	0	err:
207	0	return 0;
208	0	}